MIT 6.5620/6.875/18.425 (Fall 2023)
Foundations of Cryptography
Foundations of Cryptography
Course Description
The field of cryptography gives us a technical language to define important real-world problems such as security, privacy and integrity, a mathematical toolkit to construct mechanisms such as encryption, digital signatures, zero-knowledge proofs, homomorphic encryption and secure multiparty computation, and a complexity-theoretic framework to prove security using reductions. Together, they help us enforce the rules of the road in digital interactions.The last few years have witnessed dramatic developments in the foundations of cryptography, as well as its applications to real-world privacy and security problems. For example, cryptography is abuzz with solutions to long-standing open problems such as fully homomorphic encryption and software obfuscation that use an abundance of data for public good without compromising security.
The course will explore the rich theory of cryptography all the way from the basics to the recent developments.
Prerequisites: This is an introductory, but fast-paced, graduate course, intended for beginning graduate students and upper level undergraduates in CS and Math. We will assume fluency in algorithms (equivalent to 6.046), complexity theory (equivalent to 6.045) and discrete probability (equivalent to 6.042). Mathematical maturity and an ease with writing mathematical proofs will be assumed starting from the first lecture.
Course Information
INSTRUCTOR |
Vinod Vaikuntanathan Email: vinodv at csail dot mit dot edu Office hours: Fridays, 4-5pm. Location: 32-G696. |
LOCATION AND TIME | Monday and Wednesday 1:00-2:30pm in 1-190 |
TAs |
Chirag Falor Email: cfalor at mit dot edu Office hours: Sun 11-12 noon. Location: 24-307. Neekon Vafa Email: nvafa at mit dot edu Office hours: Tuesdays 5:30-7:30pm. Location: 36-155. Hanshen Xiao Email: hsxiao at mit dot edu Office hours: Mon 4-6 pm. Location: 36-155. |
RECITATIONS |
Probability review: Friday, September 8, 4-5:30pm in 4-159. Probability theory handout | Video Complexity and reductions review: Friday, September 15, 4-5:30pm in 4-159. Complexity theory and reductions handout, updated | Video Number theory review: Friday, October 6, 4-5:30pm in 4-159. Number theory handout | Dana Angluin's notes | Keith Conrad's note on the cyclicity of Zp* |
RESOURCES |
The main references will be the course materials including lecture notes, slides and/or videos.
We will also post relevant papers after every lecture.
Here are a few supplementary references for the entire course material.
Lecture notes
|
PIAZZA | We will use Piazza for class communication. Our class Piazza is here. Please ask your questions there, so that other students can see the questions and answers. |
ASSIGNMENTS AND GRADING |
Grading will be based on the problem sets, midterm exam, and class participation.
There will be 6 problem sets and your top 5 scores will count towards your grade.
You have a total of 10 late days to use across the 6 psets (max of 5 late days for any single pset). You can use these late days however you like; we will use the timestamp of your Gradescope submission to calculate the number of late days.
Submitting psets:
Released problem sets:
|
COLLABORATION POLICY | Collaboration is permitted and encouraged in small groups of at most three students. You are free to collaborate in discussing answers, but you must write up solutions on your own, and must specify in your submission the names of any collaborators. Do not copy any text from your collaborators; the writeup must be entirely your work. Do not write down solutions on a board and copy it verbatim into Latex; again, the writeup must be entirely your own words and your own work and should demonstrate clear understanding of the solution. Additionally, you may make use of published material, provided that you acknowledge all sources used. Of course, scavenging for solutions from prior years is forbidden. |
Schedule (tentative and subject to change)
Lecture | Topic |
Module 1: Basics and Private-Key Cryptography | |
Lecture 1 (Wed Sep 6) HW #1 out |
Resources: Slides, Slides (PDF), and lecture video. Topics covered:
Recommended reading:
|
Lecture 2 (Mon Sep 11) |
Resources: Slides, Slides (PDF), and lecture video. Topics covered:
Recommended reading:
|
Lecture 3 (Wed Sep 13) |
Resources: Slides, Slides (PDF), and lecture video. Topics covered:
Recommended reading:
|
Lecture 4 (Mon Sep 18) |
Resources: Slides, Slides (PDF), and lecture video. Topics covered:
Recommended reading:
Advanced reading:
|
Lecture 5 (Wed Sep 20) HW #1 due, HW #2 out |
Resources: Slides, Slides (PDF), and lecture video. Topics covered:
|
Lecture 6 (Mon Sep 25) |
Resources: Slides, Slides (PDF), and lecture video. Topics covered:
|
Lecture 7 (Wed Sep 27) |
Resources: Slides, Slides (PDF), and lecture video. Topics covered:
|
Module 2: Public-Key Cryptography | |
Lecture 8 (Mon Oct 2) |
Public-Key Cryptography I: Key Exchange
Resources: Slides, Slides (PDF) and lecture video. Advanced reading:
|
Lecture 9 (Wed Oct 4) HW #2 due, HW #3 out |
Public-Key Cryptography II: Key Exchange
Resources: Slides, Slides (PDF) and lecture video. Advanced reading:
|
No lecture (Mon Oct 9) Indigenous Peoples' Day |
|
Lecture 10 (Wed Oct 11) |
Public-Key Cryptography III
Resources: Slides, Slides (PDF) and lecture video. |
Lecture 11 (Mon Oct 16) |
Digital Signatures I
Resources: Slides, Slides (PDF) and lecture video. Recommended reading:
|
Lecture 12 (Wed Oct 18) HW #3 due, HW #4 out |
Digital Signatures II (+Collision-Resistant Hash Functions) . Resources: Slides, Slides (PDF) and lecture video. |
Lecture 13 (Mon Oct 23) |
Digital Signatures III
Resources: Slides, Slides (PDF) and lecture video. Recommended reading:
|
Midterm (Wed Oct 25) |
No class. Midterm Exam 7-9pm in 1-190, covering material upto (and including) Lecture 12 |
Module 3: Zero Knowledge | |
Lecture 14 (Mon Oct 30) |
Zero knowledge I: Definitions and Examples.
Resources: Slides, Slides (PDF) and lecture video. Recommended reading:
|
Lecture 15 (Wed Nov 1) |
Zero knowledge II: NP in ZK Resources: Slides, Slides (PDF) and lecture video. Recommended reading:
|
Lecture 16 (Mon Nov 6) |
Zero knowledge III: Non-Interactive ZK and Applications Resources: Slides, Slides (PDF) and lecture video. Recommended reading:
|
Module 4: Secure Computation | |
Lecture 17 (Wed Nov 8) HW #4 due, HW #5 out |
Secure Computation. Tools: Secret Sharing and Oblivious Transfer Resources: Slides, Slides (PDF) and lecture video. |
Lecture 18 (Mon Nov 13) |
Goldreich-Micali-Wigderson (GMW) Secure Two-Party and Multi-Party Computation Protocol. Resources: Slides, Slides (PDF) and lecture video. Recommended reading:
|
Lecture 19 (Wed Nov 15) |
Secure Two-Party Computation (Continued), Malicious Security. Resources: Slides, Slides (PDF) and lecture video. Advanced reading: |
Lecture 20 (Mon Nov 20) HW #5 due, HW #6 out |
Yao's Garbled Circuits.
Resources: Slides, Slides (PDF) and lecture video. Recommended reading:
|
Lecture 21 (Wed Nov 22) |
Merkle Trees and Oblivious RAM. [Given by TA Neekon Vafa]
Resources: Slides (Keynote), Slides (PDF) and lecture video. |
Lecture 22 (Mon Nov 27) |
Fully Homomorphic Encryption (Part 1)
Resources: Slides, Slides (PDF) and lecture video. |
Lecture 23 (Wed Nov 29) |
Fully Homomorphic Encryption (Part 2)
Resources: Slides, Slides (PDF) and lecture video. [Same slides as last lecture.] |
Lecture 24 (Mon Dec 4) HW #6 due |
Succinct ZK arguments.
Resources: Lecture video. Recommended reading:
|
Module 5: Advanced Topics | |
Lecture 25 (Wed Dec 6) |
Program Obfuscation
Resources: Main slides (Keynote), Main slides (PDF), Part 2 slides (Powerpoint), Part 2 slides (PDF) and lecture video. Recommended reading:
|
Lecture 26 (Mon Dec 11) |
Guest Lecture: Tina Zhang on Quantum Cryptography
Resources: Lecture video. |
Lecture 27 (Wed Dec 13) |
Guest Lecture: Rahul Ilango on The Complexity-Theoretic Foundations of Cryptography
Resources: Lecture video. |